Internet hit by a massive attack LizaMoon SQL Injection attack; installed Rogue Windows Stability Center

Updated May 2024: Stop getting error messages and slow down your system with our optimization tool. Get it now at this link
  1. Download and install the repair tool here.
  2. Let it scan your computer.
  3. The tool will then repair your computer.

Security company, Web Sense detected an SQL injection attack asking the user to install dishonest security software Windows Stability Center. The number of websites affected was approximately 28,000 at the time of discovery and now over 500,000 websites are affected by the attack, meaning that the attack continues at an alarming rate.

As said, the attack is based on the SQL injection method that uses poorly encoded applications. According to,

In this case, SQL injection attacks were used to insert malicious code into backend databases, which was then made available to unsuspecting users. The attack was called LizaMoon to detect a malicious web domain that was registered shortly before the attacks began and was used to serve malicious links. This domain was offline at the time of submission of this report, but a handful of other web domains reflect the attack.

users clicking on a link to a malware-infected website, move a PHP file to the user’s computer that redirects the browser to a website that installs malicious antivirus software known as Windows Stability Center.

This video explains how the attack works.

May 2024 Update:

You can now prevent PC problems by using this tool, such as protecting you against file loss and malware. Additionally it is a great way to optimize your computer for maximum performance. The program fixes common errors that might occur on Windows systems with ease - no need for hours of troubleshooting when you have the perfect solution at your fingertips:

  • Step 1 : Download PC Repair & Optimizer Tool (Windows 10, 8, 7, XP, Vista – Microsoft Gold Certified).
  • Step 2 : Click “Start Scan” to find Windows registry issues that could be causing PC problems.
  • Step 3 : Click “Repair All” to fix all issues.


States Web Sense :

LizaMoon’s massive injection campaign is still underway and over 500,000 pages have a script link to for preliminary Google search results.

We could also identify several other URLs that are injected exactly the same way, so the attack is even bigger than we originally thought. In total, a Google search gives more than 1,500,000 results that link to the same URL structure as the first attack. Google search results are not always good indicators of the extent of an attack because they count every URL or page, not the domain or website, but they give an indication of the extent of the problem when you look at how the numbers increase or decrease over time.

Many iTunes linked pages have also been affected by the attack, but since script tags are encoded, they cannot be executed.

So when you visit a website and are redirected to a security software site, the website you accessed may have been compromised. What you can do to protect yourself is close the website window and scan your PC with a renowned antivirus solution(16)(16) such as Microsoft Security Essentials.

Expert Tip: This repair tool scans the repositories and replaces corrupt or missing files if none of these methods have worked. It works well in most cases where the problem is due to system corruption. This tool will also optimize your system to maximize performance. It can be downloaded by Clicking Here